IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 could allow a local user to obtain sensitive information from temporary script files. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
IBM
Information Disclosure
Cloud Orchestrator
NVD
CVSS 3.1
3.3
EPSS
0.3%
IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 contain APIs that could be used by a local user to send email. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. No vendor patch available.
IBM
Information Disclosure
Cloud Orchestrator
NVD
CVSS 3.1
2.3
EPSS
0.3%